Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Ensure all VVoIP systems and components within the LAN (Enclave) are deployed using the using the dedicated VVoIP address space defined in the VVoIP system design for the given network type.

NOTE: This is applicable to the following:
> A closed unclassified LAN
> A unclassified LAN connected to a unclassified WAN such as the NIPRNet or Internet
> A closed classified LAN
> A classified LAN connected to a classified WAN (such as the SIPRNet).

NOTE: In the case of a classified WAN where network wide address based accountability or traceability is required by the network PMO, the PMO must provide a segregated, network wide address block(s) so that the attached classified LANs can meet this requirement.

Provide or use a dedicated address space for the VVoIP system that is segregated from the address space used for the general LAN, management VLANs, and other segregated services running on the LAN.

Use this address space when configuring VVoIP VLANs and when assigning addresses to VVoIP endpoints and core equipment.

Check Contents

Inspect data network scan results (or perform a scan of the data network) and look for the presence of VVoIP systems and endpoints.

Vulnerability Number

V-19628

Documentable

False

Rule Version

VVoIP 5225

Severity Override Guidance

Inspect data network scan results (or perform a scan of the data network) and look for the presence of VVoIP systems and endpoints.